Remote Log Receivers
Support > Technical Assistance > Remote Log Receiver
This page lists all configured remote log receivers that are managed by Orchestrator. You can register a server to be a remote log receiver for Orchestrator using either the Orchestrator UI or the Orchestrator REST API. If you register a remote log receiver, Orchestrator electronically sends a log message to that receiver when certain events take place, such as alarms. You can use the following types of servers as receivers: HTTP, HTTPS, KAFKA, SYSLOG, and WEBSOCKET. Each server employs a mechanism for supporting asynchronous notifications. For HTTP, HTTPS, KAFKA, and WEBSOCKET servers, event messages are sent using HTTP POST requests. For SYSLOG servers, event messages are sent using TCP/UDP. For information about the data contained in remote log messages, see Remote Log Messages.
After you determine which remote receiver you want to use to receive your data, you can configure specific settings for that receiver.
Complete the following instructions to add a receiver.
-
Click Add Receiver.
-
Select the type of receiver you want to use from the list.
-
Depending on which receiver you choose, a settings pop-up will appear. Enter the appropriate information for each receiver. See the following tables below for each receiver’s settings.
-
Click Save.
HTTP Receiver Settings
Field | Description |
---|---|
Enable Receiver | Click this slider to toggle between enabled and disabled state. |
Name | Name of the receiver the logs are going to. |
Log Type | Select the type of log from the list you want to apply. |
URL | URL served by HTTP/HTTPS log server that Orchestrator will send log data with POST REST calls. |
User Name | User name used in Basic Authentication when making REST calls (Optional). |
Password | Password used in Basic Authentication when making REST calls. (Optional). |
Repeat Password | Your password repeated. |
HTTPS Receiver Settings
Field | Description |
---|---|
Enable Receiver | Click this slider to toggle between enabled and disabled state. |
Name | Name of the receiver the logs are going to. |
Log Type | Select the type of log from the list you want to apply. |
URL | URL of the HTTPS Receiver. |
User Name | User name used in Basic Authentication when making REST calls (Optional). |
Password | Password used in Basic Authentication when making REST calls (Optional). |
Repeat Password | Your password repeated. |
KAFKA Receiver Settings
Field | Description |
---|---|
Enable Receiver | Click this slider to toggle between enabled and disabled state. |
Name | Name of the receiver the logs are going to. |
Log Type | Select the type of log from the list you want to apply. |
Topic | Topic name on KAFKA Receiver. |
Bootstrap Servers | Domain name served by KAFKA Receiver. For example, “xxx.com:9092”, “1.1.1.1:9092”. |
Acks | Defines the amount of KAFKA servers that acknowledge a message before considering the message delivered. acks=0: Expect no acknowledge. acks=1: Only leader server must acknowledge. ack=all: All servers must acknowledge. |
Retries | Amount of times KAFKA will try before returning an error. |
Batch Size | Multiple messages KAFKA will produce until the batch size is exceeded. |
Buffer Size | Maximum memory size that can be used for buffering messages. When buffer size is exceeded, a message will be blocked. |
Linger Time | Amount of time that KAFKA will wait before sending next message batch. |
SYSLOG Receiver Settings
Field | Description |
---|---|
Enable Receiver | Click this slider to toggle between enabled and disabled state. |
General Settings
Field | Description |
---|---|
Log Type | Type of log being sent to the SYSLOG receiver. |
Protocol | Protocol being used between devices. |
Hostname | Hostname of the SYSLOG receiver to identity the device. |
Port | Port number of the SYSLOG receiver that accepts incoming events. |
Custom Data | Custom data embedded inside the SYSLOG message. |
Facility Settings
Field | Description |
---|---|
Audit Log | Type of audit log. |
Audit Log Severity Settings
Field | Description |
---|---|
Error | Severity level of the error; select from the drop-down menu. |
Info | Severity level of the information; select from the drop-down menu. |
Debug | Severity level of the debug; select from the drop-down menu. |
WEBSOCKET Receiver Settings
Provides a reliable streaming mechanism for alarms and Orchestrator audit logs across all appliances. It is initiated from the client side and sent to Orchestrator for authentication. When authenticated by Orchestrator, asynchronous notifications are sent in JSON objects.
Field | Description |
---|---|
Enable | Click this slider to toggle between enabled and disabled state. |
Name | Name of the WebSocket receiver. |
Log Type | Type of log being sent to the WebSocket receiver. |
IP Allow List | List of source IP addresses that are allowed WebSocket access to Orchestrator. |
WebSocket Receiver Configuration
You need the following items to establish connectivity from Orchestrator to the WebSocket receiver:
-
Key generated by Orchestrator after the above configuration is completed
-
ID created by Orchestrator when it is configuring the WebSocket server